Stolen Nvidia data can sign Windows malware

Hackers stole sensitive data from its networks, including employee credentials and proprietary company information, during last week’s cyberattack and are now “leaking it online.

Nvidia did not specify exactly what was stolen from its computer systems. As per the source, a group called LAPSUS$ is claiming responsibility for the attack. It said it obtained 1TB of data, including schematics and driver source code. The chipmaker has also launched a retaliatory attack on the cybercriminals to retrieve its stolen data.

These data’s includes source code for Nvidia’s hash rate limiter, which reduces the Ethereum mining performance of the company’s RTX 30-series graphics cards and the hackers stole the credentials of more than 71,000 Nvidia employees.

The data includes email addresses and Windows password hashes, according to HIBP, “many of which were subsequently cracked and circulated within the hacking community.

The hackers are now threatening to release Nvidia’s trade secrets, including schematics, source code and information on recent Nvidia graphics chips, including the as-yet-unannounced RTX 3090 Ti, unless Nvidia meets the group’s unusual demands.

The collective is demanding a ransom paid in cryptocurrency to prevent Nvidia’s files from becoming public. It said the company has yet to contact it. It is unlikely Nvidia will get in touch, the report said. Following last year’s Colonial Pipeline cyberattack, the Biden administration has strongly discouraged businesses from cooperating with hackers.

A question remains unanswered if Nvidia plans to meet the hackers’ demands?